User Information Capability
Introduction
All the user information on mini program platform requires user's authorization. Based on the international standard OAuth2.0 authorization mechanism, mini program developers can get user authorization to obtain user information.
However, developers must fully respect the privacy of users and properly use the user authorization. If the information is found to be used beyond the agreed scope or out of unreasonable usage, the platform has the right to permanently withdraw the interface authority of mini program.
Prerequisite
- This capability is open to merchants who have become business partners of wallets.
- Make sure that the integration and configuration have been completed and the mini program has been published.
Interaction Process
Silence Mode
The silence mode is used to get sensitive user information, which requires the wallet (tenant) permission.
The interaction flow of the silent mode consists of the following steps:
- The user opens the wallet app and is redirected to the merchant mini program.
- The merchant mini program calls the
getAuthCode
JSAPI to requestauthCode
from the wallet app. - The wallet app returns
authCode
to the merchant mini program, which sendsauthCode
to the ISV/merchant backend server. - With the obtained
authCode
in step 3, the ISV/merchant server calls the/{version}/oauths/applyToken
OpenAPI to requestaccessToken
anduid
from the wallet server.
Tip: The version
is the version of Open APIs, for example, v1
 or v2
- The wallet server returns
accessToken
anduid
to the ISV/merchant server.
Notes:
authCode
is used to exchange foraccessToken
. Every time the user authorization is completed,authCode
in the JSAPI response is different.authCode
can only be used for one time and is automatically expired within one day.- After the ISV/merchant obtains
accessToken
anduid
:
- The ISV/merchant can use
accessToken
to call other OpenAPIs. For example, call theinquiryUserInfoByAccessToken
OpenAPI to query the user information. - The ISV/merchant can generate a session that maps to
accessToken
anduid
, then set session expiration time and store the mapping. The session will be stored in the mini program framework.
User Consent Mode
The user consent mode is used to get public user information without further permission from wallets (tenants).
Get User Open Info
When the merchant mini program intends to get some public information of users, such as name and avatar, use the User Consent Mode with the getOpenUserInfo
JSAPI. The user needs to sign the agreement and clicks the Accept button. This function is used to display some personal data of the user in the mini program.
Get Auth Code
When the merchant mini program intends to get authCode
that is for further usage, call the getAuthCode
JSAPI by specifying the scope
field.
API List
JSAPI | Description |
Get user open info like avatar, nickname, etc. | |
Get user's authentication code. | |
OpenAPI | Description |
Tip: The | For details, see the Open APIs for Merchants chapter. |